Add OSVersionCheck schema

management/server/http/api/openapi.yml

@@ -21,6 +21,8 @@ tags:
     description: Interact with and view information about rules.
   - name: Policies
     description: Interact with and view information about policies.
+  - name: Posture Checks
+    description: Interact with and view information about posture checks.
   - name: Routes
     description: Interact with and view information about routes.
   - name: DNS
@@ -838,14 +840,39 @@ components:
       properties:
         nb_version_check:
           $ref: '#/components/schemas/NBVersionCheck'
+        os_version_check:
+          $ref: '#/components/schemas/OSVersionCheck'
     NBVersionCheck:
       description: Posture check for the version of NetBird
       type: object
+      $ref: '#/components/schemas/CheckMinVersion'
+    OSVersionCheck:
+      description: Posture check for the version of operating system
+      type: object
+      properties:
+        android:
+          description: Minimum version of Android
+          $ref: '#/components/schemas/CheckMinVersion'
+        darwin:
+          description: Minimum version of Darwin
+          $ref: '#/components/schemas/CheckMinVersion'
+        ios:
+          description: Minimum version of iOS
+          $ref: '#/components/schemas/CheckMinVersion'
+        linux:
+          description: Minimum version of Linux
+          $ref: '#/components/schemas/CheckMinVersion'
+        windows:
+          description: Minimum version of Windows
+          $ref: '#/components/schemas/CheckMinVersion'
+    CheckMinVersion:
+      description: Posture check for the version of operating system
+      type: object
       properties:
         min_version:
-          description: Minimum acceptable NetBird version
+          description: Minimum acceptable version
           type: string
-          example: "0.25.0"
+          example: "23.2.0"
       required:
         - min_version
     PostureCheckUpdate:
@@ -2215,7 +2242,6 @@ paths:
           "$ref": "#/components/responses/forbidden"
         '500':
           "$ref": "#/components/responses/internal_error"
-
   /api/routes/{routeId}:
     get:
       summary: Retrieve a Route
@@ -2360,7 +2386,6 @@ paths:
           "$ref": "#/components/responses/forbidden"
         '500':
           "$ref": "#/components/responses/internal_error"
-
   /api/dns/nameservers/{nsgroupId}:
     get:
       summary: Retrieve a Nameserver Group
@@ -2452,7 +2477,6 @@ paths:
           "$ref": "#/components/responses/forbidden"
         '500':
           "$ref": "#/components/responses/internal_error"
-
   /api/dns/settings:
     get:
       summary: Retrieve DNS settings
@@ -2534,7 +2558,7 @@ paths:
     get:
       summary: List all Posture Checks
       description: Returns a list of all posture checks
-      tags: [ Posture Checks ]
+      tags: [ "Posture Checks" ]
       security:
         - BearerAuth: [ ]
         - TokenAuth: [ ]
@@ -2558,7 +2582,7 @@ paths:
     post:
       summary: Create a Posture Check
       description: Creates a posture check
-      tags: [ Posture Checks ]
+      tags: [ "Posture Checks" ]
       security:
         - BearerAuth: [ ]
         - TokenAuth: [ ]
@@ -2579,7 +2603,7 @@ paths:
     get:
       summary: Retrieve a Posture Check
       description: Get information about a posture check
-      tags: [ Posture Checks ]
+      tags: [ "Posture Checks" ]
       security:
         - BearerAuth: [ ]
         - TokenAuth: [ ]
@@ -2608,7 +2632,7 @@ paths:
     put:
       summary: Update a Posture Check
       description: Update/Replace a posture check
-      tags: [ Posture Checks ]
+      tags: [ "Posture Checks" ]
       security:
         - BearerAuth: [ ]
         - TokenAuth: [ ]
@@ -2643,7 +2667,7 @@ paths:
     delete:
       summary: Delete a Posture Check
       description: Delete a posture check
-      tags: [ Posture Checks ]
+      tags: [ "Posture Checks" ]
       security:
         - BearerAuth: [ ]
         - TokenAuth: [ ]

management/server/http/posture_checks_handler.go

@@ -183,7 +183,16 @@ func (p *PostureChecksHandler) savePostureChecks(
 		postureChecks.Checks = append(postureChecks.Checks, &posture.NBVersionCheck{
 			MinVersion: nbVersionCheck.MinVersion,
 		})
+	}
 
+	if osVersionCheck := req.Checks.OsVersionCheck; osVersionCheck != nil {
+		postureChecks.Checks = append(postureChecks.Checks, &posture.OSVersionCheck{
+			Android: (*posture.MinVersionCheck)(osVersionCheck.Android),
+			Darwin:  (*posture.MinVersionCheck)(osVersionCheck.Darwin),
+			Ios:     (*posture.MinVersionCheck)(osVersionCheck.Ios),
+			Linux:   (*posture.MinVersionCheck)(osVersionCheck.Linux),
+			Windows: (*posture.MinVersionCheck)(osVersionCheck.Windows),
+		})
 	}
 
 	if err := p.accountManager.SavePostureChecks(account.Id, user.Id, &postureChecks); err != nil {
@@ -199,7 +208,7 @@ func validatePostureChecksUpdate(req api.PostureCheckUpdate) error {
 		return status.Errorf(status.InvalidArgument, "posture checks name shouldn't be empty")
 	}
 
-	if req.Checks == nil || req.Checks.NbVersionCheck == nil {
+	if req.Checks == nil || req.Checks.NbVersionCheck == nil || req.Checks.OsVersionCheck == nil {
 		return status.Errorf(status.InvalidArgument, "posture checks shouldn't be empty")
 	}
 
@@ -213,13 +222,21 @@ func validatePostureChecksUpdate(req api.PostureCheckUpdate) error {
 func toPostureChecksResponse(postureChecks *posture.Checks) *api.PostureCheck {
 	var checks api.Checks
 	for _, check := range postureChecks.Checks {
-		//nolint:gocritic
 		switch check.Name() {
 		case posture.NBVersionCheckName:
 			versionCheck := check.(*posture.NBVersionCheck)
 			checks.NbVersionCheck = &api.NBVersionCheck{
 				MinVersion: versionCheck.MinVersion,
 			}
+		case posture.OSVersionCheckName:
+			osCheck := check.(*posture.OSVersionCheck)
+			checks.OsVersionCheck = &api.OSVersionCheck{
+				Android: (*api.CheckMinVersion)(osCheck.Android),
+				Darwin:  (*api.CheckMinVersion)(osCheck.Darwin),
+				Ios:     (*api.CheckMinVersion)(osCheck.Ios),
+				Linux:   (*api.CheckMinVersion)(osCheck.Linux),
+				Windows: (*api.CheckMinVersion)(osCheck.Windows),
+			}
 		}
 	}
 

management/server/posture/checks.go

@@ -8,6 +8,7 @@ import (
 
 const (
 	NBVersionCheckName = "NBVersionCheck"
+	OSVersionCheckName = "OSVersionCheck"
 )
 
 // Check represents an interface for performing a check on a peer.
@@ -103,14 +104,19 @@ func (pc *Checks) unmarshalChecks(rawChecks map[string]json.RawMessage) error {
 	pc.Checks = make([]Check, 0, len(rawChecks))
 
 	for name, rawCheck := range rawChecks {
-		//nolint:gocritic
 		switch name {
 		case NBVersionCheckName:
 			check := &NBVersionCheck{}
 			if err := json.Unmarshal(rawCheck, check); err != nil {
 				return err
 			}
 			pc.Checks = append(pc.Checks, check)
+		case OSVersionCheckName:
+			check := &OSVersionCheck{}
+			if err := json.Unmarshal(rawCheck, check); err != nil {
+				return err
+			}
+			pc.Checks = append(pc.Checks, check)
 		}
 	}
 	return nil

management/server/posture/os_version.go

@@ -0,0 +1,27 @@
+package posture
+
+import (
+	nbpeer "github.com/netbirdio/netbird/management/server/peer"
+)
+
+type MinVersionCheck struct {
+	MinVersion string
+}
+
+type OSVersionCheck struct {
+	Android *MinVersionCheck
+	Darwin  *MinVersionCheck
+	Ios     *MinVersionCheck
+	Linux   *MinVersionCheck
+	Windows *MinVersionCheck
+}
+
+var _ Check = (*OSVersionCheck)(nil)
+
+func (n *OSVersionCheck) Check(peer nbpeer.Peer) error {
+	return nil
+}
+
+func (n *OSVersionCheck) Name() string {
+	return OSVersionCheckName
+}